On Sun, Jun 19, 2022 at 11:25:33AM -0500, michael.christie@xxxxxxxxxx wrote: > sg_write_same allows it. We found the bug because some user just decided > to do: > > sg_write_same ... -nbod .. /dev/sdb > > and it crashed the box. Oh. > I didn't know about the MI_REPORT_SUPPORTED_OPERATION_CODES part of it. > I don't need support for the feature. I just want to fix the crash. > I prefer just returning failure since nothing ever has ever used it if > other people prefer that as well. I think the feature is generally useful, and I know Martin had patches to use it in Linux. But I think a minimal fix for the remotely exploitable crash has the highest priority. Where does it crash? Maybe we just need a better sanity check somewhere if a command claims to transfer data but has not payload?
